Docker/mealie
Docker/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-07-24 07:39:41 +02:00
Code Issues Releases Activity

docs: document necessity of forwarded-allow-ips with OIDC behind reverse-proxy https (#5461)

Browse source
This commit is contained in:
oddlama 2025-05-21 21:15:14 +02:00 committed by GitHub
parent a652830a26
commit c13c0868ae
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/docs/documentation/getting-started/authentication/oidc.md
View file

@ -36,6 +36,10 @@ Before you can start using OIDC Authentication, you must first configure a new c
http://localhost:9091/login http://localhost:9091/login
https://mealie.example.com/login https://mealie.example.com/login
If you are hosting Mealie behind a reverse proxy (nginx, Caddy, ...) to terminate TLS, make sure to start Mealie's Gunicorn server
with `--forwarded-allow-ips=<ip-of-proxy>`, otherwise the `X-Forwarded-*` headers will be ignored and the generated OIDC redirect
URI will use the wrong scheme (http instead of https). This will lead to authentication errors with strict OIDC providers.
3. Configure origins 3. Configure origins
If your identity provider enforces CORS on any endpoints, you will need to specify your Mealie URL as an Allowed Origin. If your identity provider enforces CORS on any endpoints, you will need to specify your Mealie URL as an Allowed Origin.